login-Page on https / ssl-certificate

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

dear Alan,

here are the screenshots. I use Android 7.0

[img]https://at.cloud.fabasoft.com/folio/public/1niodv3wkh5c81dzkyenmfegu3
[/img][url][/url]

alan · **Forum facilitator** Joined: 26 Sep 2003 Posts: 4435

A bit hard to see since it is not in English.

Please note that the cert you purchased can only eliminate the warning in the FirstSpot login page itself. If the device initially access https (e.g. https://www.t-mobile.at), FirstSpot redirect will still trigger a SSL warning. This is just the limitation of captive portal based system as FirstSpot needs to intercept the https traffic.

Note almost all devices automatically captive portal detection (e.g. Android, iOS captive network support) will initially access http to prevent this SSL warning from happening.
_________________
~ Patronsoft Limited ~

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

here are the screenshots in English

https://at.cloud.fabasoft.com/folio/public/278bcdo5k56qg2pdq5k6mst1yz

There I see
1) cipher is obsolate?
2) server-certificate is not trusted? Mybe the ca.cert I put wrong? Or the ca.cert can't be read?

alan · **Forum facilitator** Joined: 26 Sep 2003 Posts: 4435

Is h2ohotel.at your current FirstSpot login page URL? Again, the cert can only encrypt the FirstSpot login page.
_________________
~ Patronsoft Limited ~

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

yes I did h2ohotel.at as my login-page. And I did the SSL-registration for that domain officially and was registered by godaddy.com

; Private gateway domain name
gateway_domain=h2ohotel.at

; Show IP or domain name in URL (0:IP, >0:DN)
show_domain_URL=1

alan · **Forum facilitator** Joined: 26 Sep 2003 Posts: 4435

It is a bit hard to see in the mobile phone.

Can you use Windows PC, and use IE to trigger the problem and post the screenshot?
_________________
~ Patronsoft Limited ~

alan · **Forum facilitator** Joined: 26 Sep 2003 Posts: 4435

Looks like you are still using our self-sign certificate. Make sure you select "Use 3rd-party SSL certificates" under Authentication Server tab, and then restart FirstSpot.
_________________
~ Patronsoft Limited ~

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

here are the screenshots from Windows7 (only german!)

According to the Translation by internet, the error should be

alan · **Forum facilitator** Joined: 26 Sep 2003 Posts: 4435

Please see my previous comment.
_________________
~ Patronsoft Limited ~

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

I have restarted, but it is still the same error Shocked

I have checked, the ca.cert on the Server, it is the correct from godaddy.com

[url]GoDaddy Certificate Bundles - G2 With Cross to G1, includes Root[/url]

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

https://certs.godaddy.com/repository

and before, I switched off an on again. both switches are set

alan · **Forum facilitator** Joined: 26 Sep 2003 Posts: 4435

Did you apply all the steps in chapter 5 of firstspot_guide.pdf? Also, can you post the section related SSL in config.ini here?
_________________
~ Patronsoft Limited ~

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

yes - pages 42+43 as written. I needed to use 256 bit encryption.

alan · **Forum facilitator** Joined: 26 Sep 2003 Posts: 4435

Did you see any error message when you run those commands?

Can you run those commands again (please capture the output this time)?
_________________
~ Patronsoft Limited ~

medzoom · Joined: 27 Dec 2011 Posts: 45 Location: Austria

sorry.. it was the incorrect my-server.key file, which I had in the conf-folder. I corrected to the right my-server.key-file and now the SSL works without any error Smile

best regards...